[Samba] Re: Samba entries in the LDAP tree, help!
itzaberhad at yahoo.com
Fri Oct 3 23:33:11 GMT 2003
I'm curious, the samba.schema is for Samba 2.0. Is there a new Schema
for Samba 3.0 that includes ACLs?

Ed Asbury wrote:
> I can NOT find any information on how to get the following into the LDAP tree (and where they should be located) from the documentation. I am definitely an LDAP beginner, and assembling the tree from reading schemas is still over my head. I am able to connect to Samba using only LDAP authentication and can add users, but that is all I can successfully do; "net groupmap add", "net group" returns nothing, "pdbedit -L" etc. fail miserably because I don't have everything I need in the tree (which I can see from setting the debugging to 2). It isn't finding these entries because I don't know where to put them and how this thing structurally should be laid out. Specifically, where do the following fit into the LDAP tree: sambaGroupMapping, sambaUnixIdPool, sambaIdmapEntry (automatically created?), and sambaSidEntry?
> I used the IdealX smbldap-populate.pl tool to get the basic structure there and have at least gotten the User authentication portion working. But if someone could give me a clue of where to look (if I somehow missed it in the documents, but I don't see how because I read it from cover to cover) and/or how to get started on the rest of this, I would be eternally grateful.
> So far the tree looks approximately like so:
> dc=vogeleusa, dc=com
> |_ou=Computers (as created by smbldap-populate.pl, no entries here yet)
> |_ou=Groups (as created by smbldap-populate.pl)
> |_cn=Domain Admins
> |_ou=Users (as created by smbldap-populate.pl)
> |_sambaDomainName(sambaDomain)=VOGELEUSA (created automatically by pdbedit or a net command, I have forgotten which)
> I would greatly appreciate any help as I have been working on TRYING to get LDAP and Samba to work together for over a week now and have had only minor luck in getting the two to cooperate. Samba 3 does work fine with smbpasswd, I would just like to use LDAP exclusively for single sign.
> Ed Asbury
> Systems Admin/Programmer
> Vogele America, Inc.